refactor around digests

Author: gefeili

core/src/main/java/org/bouncycastle/crypto/digests/AsconBaseDigest.java

@@ -15,7 +15,6 @@ private Friend()
         }
     }
 
-
     AsconPermutationFriend.AsconPermutation p;
     protected int ASCON_PB_ROUNDS = 12;
 
@@ -73,13 +72,26 @@ protected void squeeze(byte[] output, int outOff, int len)
 
     protected int hash(byte[] output, int outOff, int outLen)
     {
-        if (DigestSize + outOff > output.length)
-        {
-            throw new OutputLengthException("output buffer is too short");
-        }
+        ensureSufficientOutputBuffer(output, outOff, outLen);
         padAndAbsorb();
         /* squeeze full output blocks */
         squeeze(output, outOff, outLen);
         return outLen;
     }
+
+    protected void ensureSufficientOutputBuffer(byte[] output, int outOff, int len)
+    {
+        if (outOff + len > output.length)
+        {
+            throw new OutputLengthException("output buffer is too short");
+        }
+    }
+
+    protected void ensureNoAbsorbWhileSqueezing(boolean m_squeezing)
+    {
+        if (m_squeezing)
+        {
+            throw new IllegalArgumentException("attempt to absorb while squeezing");
+        }
+    }
 }

core/src/main/java/org/bouncycastle/crypto/digests/AsconCXof128.java

@@ -36,10 +36,7 @@ public AsconCXof128(byte[] s)
     public AsconCXof128(byte[] s, int off, int len)
     {
         algorithmName = "Ascon-CXOF128";
-        if ((off + len) > s.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
+        ensureSufficientInputBuffer(s, off, len);
         if (len > 256)
         {
             throw new DataLengthException("customized string is too long");
@@ -56,20 +53,14 @@ public AsconCXof128(byte[] s, int off, int len)
     @Override
     public void update(byte in)
     {
-        if (m_squeezing)
-        {
-            throw new IllegalArgumentException("attempt to absorb while squeezing");
-        }
+        ensureNoAbsorbWhileSqueezing(m_squeezing);
         super.update(in);
     }
 
     @Override
     public void update(byte[] input, int inOff, int len)
     {
-        if (m_squeezing)
-        {
-            throw new IllegalArgumentException("attempt to absorb while squeezing");
-        }
+        ensureNoAbsorbWhileSqueezing(m_squeezing);
         super.update(input, inOff, len);
     }
 
@@ -107,10 +98,7 @@ protected void padAndAbsorb()
     @Override
     public int doOutput(byte[] output, int outOff, int outLen)
     {
-        if (DigestSize + outOff > output.length)
-        {
-            throw new OutputLengthException("output buffer is too short");
-        }
+        ensureSufficientOutputBuffer(output, outOff, outLen);
         padAndAbsorb();
         /* squeeze full output blocks */
         squeeze(output, outOff, outLen);

core/src/main/java/org/bouncycastle/crypto/digests/AsconXof.java

@@ -49,20 +49,14 @@ public AsconXof(AsconXof.AsconParameters parameters)
     @Override
     public void update(byte in)
     {
-        if (m_squeezing)
-        {
-            throw new IllegalArgumentException("attempt to absorb while squeezing");
-        }
+        ensureNoAbsorbWhileSqueezing(m_squeezing);
         super.update(in);
     }
 
     @Override
     public void update(byte[] input, int inOff, int len)
     {
-        if (m_squeezing)
-        {
-            throw new IllegalArgumentException("attempt to absorb while squeezing");
-        }
+        ensureNoAbsorbWhileSqueezing(m_squeezing);
         super.update(input, inOff, len);
     }
 

core/src/main/java/org/bouncycastle/crypto/digests/AsconXof128.java

@@ -60,20 +60,14 @@ protected void padAndAbsorb()
     @Override
     public void update(byte in)
     {
-        if (m_squeezing)
-        {
-            throw new IllegalArgumentException("attempt to absorb while squeezing");
-        }
+        ensureNoAbsorbWhileSqueezing(m_squeezing);
         super.update(in);
     }
 
     @Override
     public void update(byte[] input, int inOff, int len)
     {
-        if (m_squeezing)
-        {
-            throw new IllegalArgumentException("attempt to absorb while squeezing");
-        }
+        ensureNoAbsorbWhileSqueezing(m_squeezing);
         super.update(input, inOff, len);
     }
 

core/src/main/java/org/bouncycastle/crypto/digests/BufferBaseDigest.java

@@ -124,10 +124,7 @@ public void update(byte in)
     @Override
     public void update(byte[] input, int inOff, int len)
     {
-        if ((inOff + len) > input.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
+        ensureSufficientInputBuffer(input, inOff, len);
         int available = BlockSize - m_bufPos;
         if (processor.isLengthWithinAvailableSpace(len, available))
         {
@@ -155,10 +152,7 @@ public void update(byte[] input, int inOff, int len)
     @Override
     public int doFinal(byte[] output, int outOff)
     {
-        if (DigestSize + outOff > output.length)
-        {
-            throw new OutputLengthException("output buffer is too short");
-        }
+        ensureSufficientOutputBuffer(output, outOff);
         finish(output, outOff);
         reset();
         return DigestSize;
@@ -170,6 +164,22 @@ public void reset()
         m_bufPos = 0;
     }
 
+    protected void ensureSufficientInputBuffer(byte[] input, int inOff, int len)
+    {
+        if (inOff + len > input.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+    }
+
+    protected void ensureSufficientOutputBuffer(byte[] output, int outOff)
+    {
+        if (DigestSize + outOff > output.length)
+        {
+            throw new OutputLengthException("output buffer is too short");
+        }
+    }
+
     protected abstract void processBytes(byte[] input, int inOff);
 
     protected abstract void finish(byte[] output, int outOff);

core/src/main/java/org/bouncycastle/crypto/digests/ISAPDigest.java

@@ -1,7 +1,6 @@
 package org.bouncycastle.crypto.digests;
 
 import org.bouncycastle.crypto.engines.AsconPermutationFriend;
-import org.bouncycastle.util.Longs;
 import org.bouncycastle.util.Pack;
 
 /**
@@ -44,12 +43,6 @@ public ISAPDigest()
         reset();
     }
 
-    protected long U64BIG(long x)
-    {
-        return ((Longs.rotateRight(x, 8) & (0xFF000000FF000000L)) | (Longs.rotateRight(x, 24) & (0x00FF000000FF0000L)) |
-            (Longs.rotateRight(x, 40) & (0x0000FF000000FF00L)) | (Longs.rotateRight(x, 56) & (0x000000FF000000FFL)));
-    }
-
     @Override
     protected void processBytes(byte[] input, int inOff)
     {
@@ -68,14 +61,12 @@ protected void finish(byte[] output, int outOff)
             p.x0 ^= (m_buf[--m_bufPos] & 0xFFL) << ((7 - m_bufPos) << 3);
         }
         // squeeze
-        long[] out64 = new long[4];
         for (int i = 0; i < 4; ++i)
         {
             p.p(12);
-            out64[i] = U64BIG(p.x0);
+            Pack.longToBigEndian(p.x0, output, outOff);
+            outOff += 8;
         }
-        /* squeeze final output block */
-        Pack.longToLittleEndian(out64, output, outOff);
     }
 
     @Override

core/src/main/java/org/bouncycastle/crypto/digests/PhotonBeetleDigest.java

@@ -25,16 +25,16 @@ private Friend()
 
     private final byte[] state;
     private final byte[][] state_2d;
-    private static final int STATE_INBYTES = 32;
+    private static final int SQUEEZE_RATE_INBYTES = 16;
     private static final int D = 8;
     private int blockCount;
 
     public PhotonBeetleDigest()
     {
         super(ProcessingBufferType.Buffered, 4);
-        state = new byte[STATE_INBYTES];
-        state_2d = new byte[D][D];
         DigestSize = 32;
+        state = new byte[DigestSize];
+        state_2d = new byte[D][D];
         algorithmName = "Photon-Beetle Hash";
         blockCount = 0;
     }
@@ -60,17 +60,17 @@ protected void finish(byte[] output, int outOff)
         int LAST_THREE_BITS_OFFSET = 5;
         if (m_bufPos == 0 && blockCount == 0)
         {
-            state[STATE_INBYTES - 1] ^= 1 << LAST_THREE_BITS_OFFSET;
+            state[DigestSize - 1] ^= 1 << LAST_THREE_BITS_OFFSET;
         }
         else if (blockCount < 4)
         {
             System.arraycopy(m_buf, 0, state, blockCount << 2, m_bufPos);
             state[(blockCount << 2) + m_bufPos] ^= 0x01; // ozs
-            state[STATE_INBYTES - 1] ^= (byte)1 << LAST_THREE_BITS_OFFSET;
+            state[DigestSize - 1] ^= (byte)1 << LAST_THREE_BITS_OFFSET;
         }
         else if (blockCount == 4 && m_bufPos == 0)
         {
-            state[STATE_INBYTES - 1] ^= (byte)2 << LAST_THREE_BITS_OFFSET;
+            state[DigestSize - 1] ^= (byte)2 << LAST_THREE_BITS_OFFSET;
         }
         else
         {
@@ -80,13 +80,12 @@ else if (blockCount == 4 && m_bufPos == 0)
             {
                 state[m_bufPos] ^= 0x01; // ozs
             }
-            state[STATE_INBYTES - 1] ^= (m_bufPos % BlockSize == 0 ? (byte)1 : (byte)2) << LAST_THREE_BITS_OFFSET;
+            state[DigestSize - 1] ^= (m_bufPos % BlockSize == 0 ? (byte)1 : (byte)2) << LAST_THREE_BITS_OFFSET;
         }
         PhotonBeetleEngine.PhotonPermutation(Friend.INSTANCE, state_2d, state);
-        int SQUEEZE_RATE_INBYTES = 16;
         System.arraycopy(state, 0, output, outOff, SQUEEZE_RATE_INBYTES);
         PhotonBeetleEngine.PhotonPermutation(Friend.INSTANCE, state_2d, state);
-        System.arraycopy(state, 0, output, outOff + SQUEEZE_RATE_INBYTES, DigestSize - SQUEEZE_RATE_INBYTES);
+        System.arraycopy(state, 0, output, outOff + SQUEEZE_RATE_INBYTES, SQUEEZE_RATE_INBYTES);
     }
 
     @Override
@@ -96,4 +95,4 @@ public void reset()
         Arrays.fill(state, (byte)0);
         blockCount = 0;
     }
-}
+}

core/src/main/java/org/bouncycastle/crypto/digests/SparkleDigest.java

@@ -16,14 +16,18 @@ public class SparkleDigest
     public static class Friend
     {
         private static final Friend INSTANCE = new Friend();
-        private Friend() {}
+
+        private Friend()
+        {
+        }
     }
 
     public enum SparkleParameters
     {
         ESCH256,
         ESCH384
     }
+
     private static final int RATE_WORDS = 4;
     private final int[] state;
     private final int SPARKLE_STEPS_SLIM;
@@ -71,10 +75,7 @@ protected void finish(byte[] output, int outOff)
 
             // padding
             m_buf[m_bufPos] = (byte)0x80;
-            while(++m_bufPos < BlockSize)
-            {
-                m_buf[m_bufPos] = 0x00;
-            }
+            Arrays.fill(m_buf, m_bufPos, BlockSize, (byte)0);
         }
         else
         {
@@ -108,9 +109,9 @@ public void reset()
 
     private void processBlock(byte[] buf, int off, int steps)
     {
-        int t0 = Pack.littleEndianToInt(buf, off     );
-        int t1 = Pack.littleEndianToInt(buf, off +  4);
-        int t2 = Pack.littleEndianToInt(buf, off +  8);
+        int t0 = Pack.littleEndianToInt(buf, off);
+        int t1 = Pack.littleEndianToInt(buf, off + 4);
+        int t2 = Pack.littleEndianToInt(buf, off + 8);
         int t3 = Pack.littleEndianToInt(buf, off + 12);
 
         // addition of a buffer block to the state
@@ -138,4 +139,4 @@ private static int ELL(int x)
     {
         return Integers.rotateRight(x, 16) ^ (x & 0xFFFF);
     }
-}
+}

core/src/main/java/org/bouncycastle/crypto/digests/XoodyakDigest.java

@@ -26,6 +26,7 @@ private Friend()
     private int phase;
     private static final int mode = 1; // set as ModeHash
     private static final int PhaseUp = 2;
+    private static final int PhaseDown = 1;
     private static final int TAGLEN = 16;
     private int Cd;
 
@@ -43,9 +44,10 @@ protected void processBytes(byte[] input, int inOff)
     {
         if (phase != PhaseUp)
         {
-            phase = XoodyakEngine.up(Friend.INSTANCE, mode, state, null, 0, 0, 0);
+            XoodyakEngine.up(Friend.INSTANCE, mode, state, 0);
         }
-        phase = XoodyakEngine.down(Friend.INSTANCE, mode, state, input, inOff, BlockSize, Cd);
+        XoodyakEngine.down(Friend.INSTANCE, mode, state, input, inOff, BlockSize, Cd);
+        phase = PhaseDown;
         Cd = 0;
     }
 
@@ -56,13 +58,16 @@ protected void finish(byte[] output, int outOff)
         {
             if (phase != PhaseUp)
             {
-                phase = XoodyakEngine.up(Friend.INSTANCE, mode, state, null, 0, 0, 0);
+                XoodyakEngine.up(Friend.INSTANCE, mode, state, 0);
             }
-            phase = XoodyakEngine.down(Friend.INSTANCE, mode, state, m_buf, 0, m_bufPos, Cd);
+            XoodyakEngine.down(Friend.INSTANCE, mode, state, m_buf, 0, m_bufPos, Cd);
         }
-        phase = XoodyakEngine.up(Friend.INSTANCE, mode, state, output, outOff, TAGLEN, 0x40);
-        phase = XoodyakEngine.down(Friend.INSTANCE, mode, state, null, 0, 0, 0);
-        phase = XoodyakEngine.up(Friend.INSTANCE, mode, state, output, outOff + TAGLEN, TAGLEN, 0);
+        XoodyakEngine.up(Friend.INSTANCE, mode, state, 0x40);
+        System.arraycopy(state, 0, output, outOff, TAGLEN);
+        XoodyakEngine.down(Friend.INSTANCE, mode, state, null, 0, 0, 0);
+        XoodyakEngine.up(Friend.INSTANCE, mode, state, 0);
+        System.arraycopy(state, 0, output, outOff + TAGLEN, TAGLEN);
+        phase = PhaseDown;
     }
 
     @Override
@@ -73,4 +78,4 @@ public void reset()
         phase = PhaseUp;
         Cd = 0x03;
     }
-}
+}

core/src/main/java/org/bouncycastle/crypto/engines/ElephantEngine.java

@@ -149,7 +149,6 @@ public void permutation(byte[] state)
     private class Dumbo
         extends Spongent
     {
-
         public Dumbo()
         {
             super(160, 20, 80, (byte)0x75);
@@ -166,7 +165,6 @@ public void lfsr_step()
     private class Jumbo
         extends Spongent
     {
-
         public Jumbo()
         {
             super(176, 22, 90, (byte)0x45);